Certified System Administrator CSA Full Course Free

AnAccess Control rule (ACL)in ServiceNow defineswho can access dataandwhat actions they can performon that data. Each ACL consists of three primary components:

Object being secured– The specific table, field, or record that the rule applies to.

Operation– The type of action that is being secured (e.g., Read, Write, Create, Delete).

Permissions required– The conditions, roles, or scripts that determine whether access is granted.

ACLs evaluatewhether a user has permissionto access a specific table, field, or action.

Thesecurity rules are processed from most specific to least specific(e.g., field-level > table-level).

Permissions can be granted based onroles, conditions, or custom scriptsusing GlideSystem (gs).

A. Groups, Conditional Expressions, and Workflows(Incorrect)

ACLs do not manageworkflowsor directly control group assignments.

B. Table Schema, CRUD, and User Authentication(Incorrect)

CRUD (Create, Read, Update, Delete) permissions are controlled by ACLs, butUser Authenticationis managed separately through login policies (LDAP, SSO, etc.).

D. security_admin(Incorrect)

security_adminis aspecial elevated rolerequired to modify security settings, but it is not what an ACL specifies.

Access Control Rules

Configuring ACLs in

How ACLs Work in ServiceNow:Explanation of Incorrect Options:Official References from Certified System Administrator (CSA) Documentation:

When testing acatalog itemwith amanager approval flow, it's important to verify that the request submission, approval process, and workflow execution are working as expected. Following best practices ensures that the process functions correctly before deployment.

Why These Options Are Correct?A. Make sure the latest flows are activated.

ServiceNowflow designerallows admins to create and manageapproval flowsfor catalog items.

Before testing, it's crucial to verify that the latest version of the flow isactivated, ensuring that the system runs the correct approval logic.

C. Impersonate the requester to ensure the form works.

Impersonationallows administrators totest the user experiencewithout logging in as different users manually.

This is essential to verify thatnon-admin userscan correctlysubmit the requestand trigger the approval process.

D. Make sure the requester's user record has a manager specified.

Themanager approval flowrelies on the requester'sManagerfield in their user record.

If this field is empty, the approval requestwill not be sent to the correct manager, causing the workflow to fail.

Why the Other Options Are Incorrect?B. Use the instance Incognito setting to quickly toggle between requester and approver.

There isno "Incognito setting"in ServiceNow to toggle users.

Thecorrect methodis using theimpersonatefeature.

E. Create and select your Testing Update Set, before starting the test cases.

WhileUpdate Setstrack customizations, they arenot required for testinga catalog item’s approval workflow.

Update Sets are primarily used formigrating changesbetween instances (e.g., from Dev to Test).

F. Use your Admin account, so you can approve the items quickly.

Admin accountsoverride approval workflowsand do not provide an accurate test.

The correct method is toimpersonate the requester and approver roles separatelyto ensure the workflow works as expected.

ServiceNow Flow Designer - Approval Workflow Testing Best Practices

ServiceNow Impersonation Feature for User Testing

ServiceNow ITSM - Catalog Item Testing & Validation

References to Official Certified System Administrator (CSA) Documentation:

InServiceNow, anEventis a system-generatednotificationthatindicates an occurrence within the platform. Events are triggered automatically or manually whenspecific conditionsare met and can be used to initiatenotifications, business rules, workflows, or integrations.

Events Indicate That Something Has Happened

Example: When anIncident is assigned, an event like"incident.assigned"can be triggered.

These eventsdo not execute actions themselves, but theynotify other processesto take action.

Events Are Stored in the [sys_event] Table

TheEvent Log(System Policy > Events > Event Log) records all generated events.

Administrators can monitorwhat events were triggered, their sources, and timestamps.

Events Can Be Used for Notifications & Workflows

Example: An event"incident.closed"can be configured to send a"Thank You" emailto the requester.

Example: A custom event"task.overdue"can be used to trigger a workflow escalation.

Eventssignal that something has happened, allowing other processes (like email notifications or workflows) to react.

Theydo not execute actions themselvesbut notifyscripts, business rules, or workflows.

Key Characteristics of Events in ServiceNow:Why is "B. An Event is an indication to the ServiceNow processes that something has occurred" the Correct Answer?

A. "An Event is a trigger that has a direct response in the platform"→Incorrect

Events themselvesdo not trigger direct responses; they onlynotify the systemabout occurrences.

The system must beconfigured to respond to an event(e.g., via aBusiness Rule, Notification, or Script Action).

C. "An Event is an indicator that a Priority 1 (P1) Incident has been logged"→Incorrect

While ServiceNowcan generate an event when a P1 Incident is logged, events arenot limited to incidents.

Events apply toall ServiceNow processes(incidents, changes, tasks, etc.).

D. "An Event is a recognized, scheduled occurrence of a process"→Incorrect

Eventsare not scheduled; they aretriggered by system activities(e.g., record updates, conditions met).

Scheduled Jobs or Scheduled Scripts handletime-based automation, not events.

Why the Other Options Are Incorrect?

Navigate to:System Policy > Events > Event Log

Review the event records, including event names, sources, and timestamps.

Navigate to:System Policy > Events > Registryto see predefined event names.

UseEvent Registryto create new events that triggernotifications or workflows.

How to View and Use Events in ServiceNow?

ServiceNow Docs: Events in

ServiceNow CSA Official Training Guide (Event Management & Notifications)

References from Certified System Administrator (CSA) Documentation:This confirms that"An Event is an indication to the ServiceNow processes that something has occurred"is the correct answer.